Article Preview
TopBackground
Provide broad definitions and discussions of the topic and incorporate views of others (literature review) into the discussion to support, refute, or demonstrate your position on the topic.1 The need for rigorous information security and privacy functionalities in the e-government domain is hardly a new development (Ebrahim & Irani, 2005). However, the increasing scope and complexity of government functions, together with rising public concern and more aggressive regulations such as the European Union’s GDPR, have increased the salience and the need for ever better privacy measures. While it is widely agreed that implementing security and privacy controls at the design stage of a given information system significantly minimizes work, increases security, and decreases costs (Williams, 2009; Schaar, 2010, Hustinx, 2010), it remains unclear exactly how to do so in a realistic setting (Kroener & Wright, 2014, Jacobs & Popma, 2019, Bednar et al., 2019). Cavoukian (2012а) has proposed a number of principles that Hoepman (2014) operationalizes in a number of privacy-preserving strategies and tactics. Some authors use those to propose a PbD methodology (e.g. Dennedy et al, 2014; Cronk, 2018) but those efforts are largely focused on the private sector.